cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Seeburger AS2 Certificate Issue

Former Member

on ‎05-12-2009 9:33 AM

0 Kudos

Hey,

We are facing an Issue while posting an EDI order to XI.

The sender system receives an error https 403 forbidden.

I assume this is an authorization error.

We had a certificate say XYZ.cert taht expired and hence we uploaded a new certificate say XYZ_1.cert

Now when the sender sends the data, the AS2ID is XYZ and the private key is XYZ.

i would like to know if any of these two values determine the certificate. because if that is the case then the sender data will refer to the old certificate which has expired.

Also if anyone has a different explanation for the error, please mention.

regards,

Milan Thaker

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎05-12-2009 9:48 AM
0 Kudos

Hi Milan,

If you receiving EDI documents from your partner then in the sender agreement you will specify following certificates

1. Authenticate Certificate - Partner Public Key used to validate the signature of the partner

2.Decryption Key- Your Private Key (your certificate) to decrypt the message

So if you changed your certificate then you need to give your new certificate (public key) to your partner for encrypting.

Regards,

Prakash

Show replies
Show replies
Former Member
‎05-12-2009 10:22 AM
0 Kudos

Hey Prakash,

We have not changed the certificate it is the partner who has changed the certificate. So what other changes are we suppose to do to incorporate this change.

Also one more thing in the sender agreement do we give the certificate name or the AS2ID.

regards,

Milan Thaker

Former Member
‎05-12-2009 10:33 AM
0 Kudos

Hello,

yes we call these certificate in Aggrement. you have change the name of the certificate to XYZ_1.cert

either change the name there or in VA change it into XYZ.cert

Thanks and Regards

Hemant

Former Member
‎05-12-2009 10:34 AM
0 Kudos

Hi Milan,

If your partner changed the certificate then get the public key(certificate) from the partner and import it in Visual Administrator and specify the same for Authentication Certificate in Sender Agreement.

In Sender Agreement you will specify the certificate name which is in the Visual Administrator.

Regards,

Prakash

prateek
Active Contributor
‎05-12-2009 10:46 AM
0 Kudos

Your scenario is with As2 as sender. Therefore under the sender agreement, under "AS2 Sender Configuration", you need to provide the certificate name as XYZ_1. Specifying .cert is not required.

Regards,

Prateek

Former Member
‎05-12-2009 11:17 AM
0 Kudos

Hey Prateek,

I changed the certificate name in AS2 sender agreement. But do you thnk this wil resolve my issue. As before the AS2 the Split997 will be called. And the message has not even reached till Split997. It gives me 403 forbidden.

The sender is sending the mesage with private key as XYZ and not XYZ_1 do you thnk this is the reason behind the issue as their public key (certificate ) is XYZ_1

regards,

Milan Thaker

former_member181962
Active Contributor
‎05-12-2009 11:28 AM
0 Kudos

Hi Milan,

As your partner to send the certificate file via email.

Give it to your Basis and ask them to deploy it it the same location of the old certificate.

Then your scenario should work fine.

Regards,

Ravi

Former Member
‎05-12-2009 11:31 AM
0 Kudos

Hey Ravi,

that has been done but the only issue is that the new file name is not the same as the old file name and i assume that is the issue so i want to know where all i need to change the names on my side as well as the partners side so as to reflect the new certificate name.

regards,

Milan thaker

former_member181962
Active Contributor
‎05-12-2009 11:37 AM
0 Kudos

Hi Milan,

I think we only specify the location of the certificate, but not the name of the certificate in the sender agreement.

Are you sure the new certificate is deployed(Using SDM) in the same location as the old certificate?

Ideally(At least in theory), when you change the certificate it should not effect the configuration.

Regards,

Ravi

prateek
Active Contributor
‎05-12-2009 12:05 PM
0 Kudos

Hi Milan,

The change in the sender agreement was required and you may test the message now. I hope you are doing it in Dev or QA

Recheck if you have sender agreement for a split channel in place or not. How are you ensuring that the split channels are not called?

Regards,

Prateek

Former Member
‎05-13-2009 4:59 AM
0 Kudos

Hi Prateek,

As the data is not even seen in the seeburger monitoring, I assume that even the split channel is not called. The Sender Agreement for Split is in place.

prateek
Active Contributor
‎05-13-2009 12:35 PM
0 Kudos

Milan, which part of Seebuger Monitoring are you talking about? You can't see a split specific message in Seeburger Message Monitor. Message Monitor entry is made only once the message passes through the final adapter, As2 in your case.

Regards,

Prateek

Former Member
‎05-12-2009 9:39 AM
0 Kudos

Hello,

Have u change the name in Sender communication channel.

Thanks and Regards

Hemant

Show replies
Show replies
Ask a Question